<?#//v.3.1.1
#///////////////////////////////////////////////////////
#//  COPYRIGHT 2004 Phpauction.org ALL RIGHTS RESERVED//
#///////////////////////////////////////////////////////

require('../includes/config.inc.php');
include "loggedin.inc.php";

#//Default for error message (blank)
$ERR = "&nbsp;";

#// Insert new message
if($_POST[action] == "update" && phpa_securepost($_POST)){
	if(strlen($_POST[question]) == 0 && strlen($_POST[answer]) == 0){
		$ERR = "Required fields missing (all fields are required).";
		$settings = $_POST;
	}else{
		if (!PHP_4 )
		{
		  require_once './htmlpurifier/library/HTMLPurifier.auto.php';
		  $config = HTMLPurifier_Config::createDefault();
		  $config->set('Core', 'Encoding', 'ISO-8859-1');
		  $config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
		  $config->set('HTML', 'AllowedElements', 'div,a,em,blockquote,p,code,pre,table,font,tbody,td,tr,b,strong,u,ul,li,ol');
		  $purifier = new HTMLPurifier($config);
		}
		else
		{
		   require_once './class/phpauction_purify.php';
		   $purifier = new HTMLPurifier();
		   $purifier->allowed_tags(array("div","a","em","blockquote","p","code","pre","table","font","tbody","td","tr","b","strong","u","ul","li","ol" ));
		}


        $clean_question = $purifier->purify(stripslashes($_POST['question'][$SETTINGS['defaultlanguage']]));
        $clean_answer   = $purifier->purify(stripslashes($_POST['answer'][$SETTINGS['defaultlanguage']]));
        $_POST['question'][$SETTINGS['defaultlanguage']] = $clean_question;
        $_POST['answer'][$SETTINGS['defaultlanguage']]   = $clean_answer;

		$query = "INSERT into PHPAUCTIONXL_faqs values(NULL,
			   '".$clean_question."',
			   '".$clean_answer."',
			   $_POST[category])";
		$res = @mysql_query($query);
		if(!$res){
			print "Error: $query<BR>".mysql_error();
			exit;
		}else{
			$id=mysql_insert_id();
			#// Insert into translation table.
			reset($LANGUAGES);
			while(list($k,$v) = each($LANGUAGES)){
                                $clean_question = $purifier->purify(stripslashes($_POST['question'][$k]));
                                $clean_answer   = $purifier->purify(stripslashes($_POST['answer'][$k]));
                                $_POST['question'][$k] = $clean_question;
                                $_POST['answer'][$k]   = $clean_answer;

				$query = "INSERT INTO PHPAUCTIONXL_faqs_translated VALUES(
						$id,
						'$k',
						'".$clean_question."',
						'".$clean_answer."')";
				$res = @mysql_query($query);
			}
			Header("Location: faqs.php");
			exit;
		}
	}
}

if($_POST[action] != "update")
{
	#// Get data from the database
	$query = "select * from PHPAUCTIONXL_faqscategories";
	$res_c = @mysql_query($query);
	if(!$res_c)
	{
		print "Error: $query<BR>".mysql_error();
		exit;
	}
}

?>
<HTML>
<HEAD>
<link rel='stylesheet' type='text/css' href='style.css' />
<script type="text/javascript" src="../js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
tinyMCE.init({
        mode : "textareas",
        theme : "advanced",
        language: "en",
        plugins : "table",
        theme_advanced_buttons1 : "backcolor, forecolor, bold,italic,underline,separator,strikethrough,justifyleft,justifycenter,justifyright, justifyfull,bullist,numlist,undo,redo,link,unlink",
        theme_advanced_buttons2 : "fontselect, fontsizeselect, image",
        theme_advanced_buttons3 : "tablecontrols",
        theme_advanced_toolbar_location : "top",
        theme_advanced_toolbar_align : "left",
        force_br_newlines : "false",
        extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]"
});
</script>

<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>
<bodyleftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
        <tr> 
          <td class="icono"><img src="images/content_icon2.gif" width="28" height="27" ></td>
          <td class="breadcrumbs"><p><?=$MSG_25_0018?>&nbsp;&gt;&gt;&nbsp;<?=$MSG_5231?></p></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td align="center" valign="middle">&nbsp;</td>
  </tr>
    <tr> 
    <td align="center" valign="middle"><FORM NAME="faq" METHOD="post" ACTION="<?=basename($_SERVER['PHP_SELF'])?>">
	<TABLE WIDTH="95%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="CENTER">
		<TR align=center>
			<TD BGCOLOR=#ffffff>&nbsp;</TD>
		</TR>
		<TR>
			<TD>
				<TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="CENTER" class="base" style="border:1px solid #ccc;">
					<TR>
						<TD COLSPAN="2"  align=center class=title>
							<p><?=$MSG_5231?></p>
						</TD>
					</TR>
					<TR BGCOLOR="#FFFFFF">
						<TD WIDTH="23%" CLASS=link HEIGHT="27" VALIGN="top">
							<p class="blue"><?=$MSG_5238?></p> </TD>
						<TD WIDTH="77%" CLASS=link HEIGHT="27">
						<SELECT NAME="category">
							<?
							while($row = mysql_fetch_array($res_c))
							{
								$row[category]=stripslashes($row[category]);
								print "<OPTION VALUE=\"$row[id]\"";
								if($_POST[category] == $row[category]) print " SELECTED";
								print ">$row[category]</OPTION>\n";
							}
						?>
						</SELECT>
						</TD>
					</TR>
					<TR BGCOLOR="#FFFFFF">
						<TD WIDTH="23%" CLASS=link HEIGHT="27" VALIGN="top">
						<p class="blue"><?=$MSG_5239?></p></TD>
						<TD WIDTH="77%" CLASS=link HEIGHT="27">
							<IMG SRC="../includes/flags/<?=$SETTINGS['defaultlanguage']?>.gif">&nbsp;<INPUT TYPE="text" NAME="question[<?=$SETTINGS['defaultlanguage']?>]" SIZE="35" MAXLENGTH="200">
							<?
								reset($LANGUAGES);
								while(list($k,$v) = each($LANGUAGES)){
									if($k!=$SETTINGS['defaultlanguage']) print "<BR><IMG SRC=../includes/flags/".$k.".gif>&nbsp;<INPUT TYPE=text NAME=question[$k] SIZE=35 MAXLENGTH=200>";
								}
							?>
						</TD>
					</TR>
					<TR BGCOLOR="#FFFFFF">
						<TD WIDTH="23%" CLASS=link HEIGHT="27" VALIGN="top">
						<p class="blue"><?=$MSG_5240?></p></TD>
						<TD WIDTH="77%" CLASS=link HEIGHT="27">
							<IMG SRC="../includes/flags/<?=$SETTINGS['defaultlanguage']?>.gif"><BR /><TEXTAREA NAME="answer[<?=$SETTINGS['defaultlanguage']?>]" COLS="65" ROWS="15"></TEXTAREA>
							<?
								reset($LANGUAGES);
								while(list($k,$v) = each($LANGUAGES)){
									if($k!=$SETTINGS['defaultlanguage']) print "<BR><IMG SRC=../includes/flags/".$k.".gif><BR /><TEXTAREA NAME=answer[$k] COLS=65 ROWS=15></TEXTAREA>";
								}
							?>
						</TD>
					</TR>
					<TR>
						<TD WIDTH="23%" BGCOLOR="#FFFFFF">
							<INPUT TYPE="hidden" NAME="action" VALUE="update" /> <INPUT TYPE="hidden" NAME="security" VALUE="<?php echo $_SESSION['security'];?>" />
						</TD>
						<TD WIDTH="77%" BGCOLOR="#FFFFFF">
							<INPUT TYPE="submit" NAME="Submit" VALUE="INSERT FAQ" class="action">
						</TD>
					</TR>
				</TABLE>
			</TD>
		</TR>
	</TABLE>
</FORM>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
